New research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling protocol vulnerabilities. The research was conducted by Mathy Vanhoef, a professor at the KU Leuven university in Belgium, and PhD student Angelos Beitis, in collaboration with VPN testing company Top10VPN. Vanhoef is well known for his Wi-Fi security research, including for the attacks named Dragonblood, KRACK and FragAttacks. READ MORE...
The consequences of a wave of credit card skimmers-which is normal around the holidays-are starting to show. Label maker Avery has filed a data breach notification, saying 61,193 people may have had their credit card details stolen. On December 9, Avery said it became aware of an attack on its systems. An investigation showed that cybercriminals had inserted malicious software that was used to "scrape" credit card information used on its website. READ MORE...
In 2024, organizations informed the US government about more than 580 healthcare data breaches affecting a total of nearly 180 million user records. SecurityWeek has conducted an analysis of the healthcare breach database maintained by the US Department of Health and Human Services Office for Civil Rights (HHS OCR), which stores information on incidents impacting the protected health information of over 500 individuals. READ MORE...
The collection has been leaked on Monday and publicized on an underground forum by the threat actor that goes by "Belsen_Group", supposedly as a free offering to solidify the name of the group in the forum users' memory. The leaked 1.6 GB archive contains folders ordered by country, and inside each are folders named after IP addresses. Inside those are full configuration files and a txt file with a list of admin and VPN user credentials. READ MORE...
Devices that have Citrix's Session Recording software installed are having problems completing this month's Microsoft Patch Tuesday update, which includes important fixes. Microsoft noted the problem in the list of known issues with the update, which arrived on January 14. According to the Windows vendor, affected devices will download and apply the update, but, after restarting to complete the installation, will show an error. READ MORE...
In an especially brazen tactic, multiple threat actors are impersonating Google Ads login pages to trick advertisers into handing over their account credentials. The attackers - from regions as geographically dispersed as South America, Asia, and Eastern Europe - are then using the hijacked accounts in real-time to buy and distribute malicious advertisements and malware via Google Ads. READ MORE...
Researchers at cyber-defense contractor PeopleTec have found that facial-recognition algorithms' focus on specific areas of the face opens the door to subtler surveillance avoidance strategies. In a pre-print paper titled "Novel AI Camera Camouflage: Face Cloaking Without Full Disguise," David Noever, chief scientist, and Forrest McKee, data scientist, describe their efforts to baffle face recognition systems through the minimal application of makeup and manipulation of image files. READ MORE...
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage. READ MORE...